Dr. Reiter is expected to testify as follows:
1 . Dr. Reiter will testify regarding the meaning of the disputed claim elements to
one of ordinary skill in the art, taking into account the understood meaning of the terms
in the art, the patent specifications and the file histories. He will testify as follows:
a. InterTrust's proposed definitions, attached as Exhibit B to the Joint Claim
Construction Statement ("JCCS") are consistent with the use of the terms or phrases in
the specification and the relevant art. Those definitions are attached hereto. Citations to
supporting specification text and relevant art can be found in Exhibit C to the JCCS.
b. Microsoft has made repeated substantial changes to its proposed definitions,
the changes continuing up to shortly before the present document was prepared. For this
reason, it is impossible to include detailed responses to the issues raised by those
definitions.
In general, however, the Microsoft definitions incorporate restrictions that are
inconsistent with specification use of the terms and/or inconsistent with the
understanding of the terms in the art. Those inconsistencies are demonstrated by the
attached supporting evidence. The following discussion lists one or more serious
deficiencies in each Microsoft definition, but is not intended as a comprehensive
description of all such deficiencies.
Individual terms
Access/Access to/Accessing/Accessed
The first sentence of Microsoft's definition is generally consistent with the
InterTrust definition. The second sentence of the Microsoft definition is based on a
specific disclosed embodiment, and is inconsistent with general use of the term in the
specifications.
Addressing
The two parties' definitions are very close. Microsoft's definition is, however,
improper in its apparent exclusion of indirect addressing.
Allowing, allows
Microsoft's definition is based on a specific disclosed embodiment and ignores
other embodiments. See InterTrust's supporting evidence.
Arrangement
# #
Microsoft's definition requires particular types of organizations and is therefore
inconsistent with the patent specifications.
Aspect
Microsoft's definition is overly restrictive in its requirement that an aspect be
"persistent" and that it "can be used to distinguish [an environment] from other
environments."
Associated with
Microsoft's definition incorporates restrictions based on a particular embodiment
and is inconsistent with other disclosed embodiments and with the general meaning of the
term.
Authentication
Microsoft's definition requires multiple types of authentication, in a manner not
required by use of this term in the specification or the art. Moreover, some of these types
cannot be applied (e.g., "origin integrity" applied to an organization).
Authorization information, Authorized, Not authorized
Microsoft's definitions are based on specific embodiments and contradicted by
alternative embodiments disclosed in the specifications.
Budget control; Budget
Microsoft's definition improperly restricts "budget" to a particular type of
method, and improperly restricts Budget Control in a manner inconsistent with the
specification.
Can be
Microsoft's definition incorporates the language "which otherwise cannot be
carried out." This language is inconsistent with the specifications.
Capacity
The Microsoft definition relates to hardware storage devices, a context that is
irrelevant to use of the term in the relevant claim.
Clearinghouse
Microsoft's definition is inconsistent with use of this term in the specifications.
See InterTrust's supporting evidence.
# •
Compares; Comparison
Microsoft's definition is based on a particular type of processor operation, a
context that is not discussed in the specification and not required by the claim.
Component assembly
Microsoft's definition incorporates a large number of restrictions based on
specific embodiments and ignoring alternate embodiments.
Contain, contained, containing
Microsoft's definition requires "physically" or "directly" storing, and
distinguishes Addressing. This is inconsistent with use of the term in the specification.
Control (n.); Controls (n.)
The Microsoft definition incorporates a large number of restrictions based on
specific embodiments, and ignores alternate embodiments described in the specifications.
Controlling; Control (v.)
The Microsoft definition incorporates limitations that are not required by the
specification, including limitations contradicted by use of the term in the specifications
and by disclosed embodiments.
Copied file
The Microsoft definition improperly distinguishes "copied file" from "copy."
Copy, copied, copying (v.)
The Microsoft definition is internally inconsistent, since it both prohibits and
allows changes in the reproduced file. That definition also incorporates examples that are
inconsistent with use of the terms in the claims.
Copy control
The Microsoft definition is inconsistent with use of this term in the claim.
Data item
The Microsoft definition incorporates limitations not present in the InterTrust
definition. These limitations are not required by the specification or normal use of the
term in the art.
# •
Derive, Derives
The Microsoft definition requires retrieval, a concept not required by the
specifications or use of this term in the claim.
Descriptive data structure
Limitations in the last two sentences of the Microsoft definition are inconsistent
with described embodiments and are not required by the specifications or use of the term
in the claims.
Designating
The Microsoft definition does not apply to this term, but instead to the claim
phrase in which the term is found. That claim phrase is separately defined.
Device class
The Microsoft definition is inconsistent with the definition given to this term
during prosecution.
Digital file
The Microsoft definition is overly restrictive. The limitations is incorporates are
not required by the specification, use of the term in the claims or general use in the
relevant art.
Digital signature; Digitally signing
The Microsoft definition of digital signature requires that the string be
"computationally unforgeable," a characteristic that is impossible to obtain. The
Microsoft definition of digitally signing requires a secret key, and also includes
significant background discussion not necessary for the definition.
Entity's control
Microsoft's definition improperly requires control of a "particular use of or access
to particular protected information by a particular user(s)." No such requirements are
imposed by the term, the claim or the specifications.
Environment
Microsoft does not appear to have provided any definition for this term.
Executable programming; Executable
Microsoft's requirement of "machine code instructions" is inconsistent with use
of this term in the specifications. In addition, Microsoft's definition of "computer
program" imposes limitations not required by these terms.
Execution space; Execution space identifier
Microsoft's definition of Execution Space is inconsistent with the explicit
definition given to this term during prosecution. Microsoft's definition of Execution
Space Identifier improperly requires "unique" identification.
Governed item
Microsoft's definition of Governed Item requires arbitrarily fine granularity and
control of "access and use by any user, process, or device." Neither the term nor the
specifications require such limitations.
Halting
The Microsoft definition requires execution be "unconditionally" stopped. The
specification imposes no such requirement, and the Microsoft definition appears to be
based on a particular type of instruction that is not mentioned in the patents.
Host processing environment
The Microsoft definition incorporates the term "VDE node " a term that is itself
defined at great length, incorporating numerous improper limitations. The Microsoft
definition also improperly incorporates restrictions based on privileged mode versus user
mode, and "loaded" software. In addition, the Microsoft definition improperly excludes
hardware.
Identifier, Identify, Identifying
The Microsoft definitions improperly restrict these terms to "particular instances."
Including
The definitions are consistent, except that the hardware portion of Microsoft's
definition requires "physically present within." This is inconsistent with use of the term
in the claims.
Information previously stored
Microsoft's definition would render the claim nonsensical, since it would require
a comparison involving information that is no longer available for the comparison.
# •
Integrity programming
The Microsoft definition is internally inconsistent, improperly incorporates the
term Executable Programming and improperly defines integrity as excluding all
alterations.
Key
Microsoft's exclusion of "key seed or other information from which the actual
encryption and/or decryption key is constructed, derived, or otherwise identified" is
inconsistent with the specification and general use of the term in the relevant art.
Load module
Microsoft's definition imposes numerous limitations beyond those identified in
the InterTrust definition. Those additional limitations are not required by the term and
are inconsistent with embodiments disclosed in the specifications.
Machine check programming
The Microsoft definition improperly requires Executable Programming and a
"unique 'machine signature' which distinguishes the physical machine from all other
machines." These limitations are not required by the term.
Opening secure containers
The Microsoft definition improperly distinguishes "opening" from decrypting,
and improperly incorporates limitations based on a particular embodiment of opening.
Operating environment
See Processing Environment.
Organization, Organization information, Organize
The Microsoft definitions improperly incorporate concepts related to physical
storage.
Portion
The Microsoft definition improperly implies that presence of a "portion" excludes
presence of the whole.
Prevents
# *
The Microsoft definition requires a level of certainty that is inconsistent with the
specification and impossible to obtain.
Processing Environment
The Microsoft definition incorporates a specific embodiment and would exclude
other embodiments disclosed for this term.
Protected processing environment
The Microsoft definition incorporates at least several dozen highly restrictive and
unnecessary limitations, and appears to combine restrictions from multiple separate
embodiments.
Protecting
The incorporation of Security into the Microsoft definition is improper, since that
term is considerably more general than the manner in which Protecting is used in the
claim.
Record
The Microsoft definition includes limitations beyond those incorporated in the
InterTrust definition. These added limitations are not required by use of this term in the
claims, specification, or art.
Required
The Microsoft definition implies a degree of absoluteness that is inconsistent with
the specification. The second sentence of the Microsoft definition is unsupported by the
specification or normal use of the term.
Resource processed
The Microsoft definition improperly requires a "shared facility " and that the
resource be "required by a job or task." These are not required by the claim or
specification.
Rule
The Microsoft definition improperly distinguishes Rules from Controls, and
imposes an unsupported requirement that a Rule be a "lexical statement."
Secure
The Microsoft definition requires absolute protection against all possible threats,
and is therefore inconsistent with use of the term in the specification, the claims, and the
relevant art.
Secure container
The requirements imposed by the Microsoft definition are either inconsistent with
the specification or ignore disclosed embodiments.
Secure container governed item
The Microsoft definition imposes a requirement of absolute security that is
inconsistent with the specification and ignores alternate disclosed embodiments.
Secure database
The Microsoft definition improperly defines "database" in accordance with one
particular type of database, and improperly imposes a requirement of absolute security
that is inconsistent with the specification.
Secure execution space
The Microsoft definition is inconsistent with and excludes embodiments of Secure
Execution Spaces described in the specification.
Secure memory
Microsoft's definition of "memory" improperly excludes virtual memory.
Microsoft's definition of Secure Memory includes numerous restrictions not supported by
the specification.
Secure operating environment, Said operating environment
See Secure Processing Environment.
Securely applying
Microsoft's definition of "securely" is inconsistent with and excludes
embodiments described in the specification.
Microsoft's definition of Securely Applying improperly includes limitations from
specific embodiments, as well as limitations not required by the specification or claims.
Securely assembling
# •
The Microsoft definition incorporates limitations from specific embodiments, and
ignores alternate embodiments not requiring those limitations.
Securely processing
The Microsoft definition improperly incorporates a requirement of a secure
execution space. This requirement is inconsistent with embodiments described in the
specification.
Securely receiving
The Microsoft definition is based on limitations taken from a particular
embodiment and ignores alternate embodiments.
Security level, Level of security
The Microsoft definition improperly requires an "ordered measure" and
persistence. The second and third sentences from the Microsoft definition are
unsupported by any disclosure in the specifications.
Tamper resistance
The Microsoft definition improperly requires a tamper resistant barrier.
Tamper resistant barrier
The Microsoft definition describes a specific embodiment, and is inconsistent
with alternate embodiments described in the specifications.
Tamper resistant software
The Microsoft definition improperly requires a tamper resistant barrier.
Use
The second sentence of the Microsoft definition improperly incorporates
limitations from a particular embodiment.
User controls
The Microsoft definition is inconsistent with the claim and the prosecution
history.
Validity
The Microsoft definition improperly incorporates the concept of "authentication,"
and applies only to data.
Virtual distribution environment
See Global Construction of VDE.
Claim phrases
193,1
receiving a digital file including music
The Microsoft definition includes numerous unnecessary limitations, including
secure container, authentication a recipient and use of controls.
a budget specifying the number of copies which can be made of said digital file
The Microsoft definition improperly includes "copies" that are not "long-lived,
decrypted or accessible." The Microsoft definition also ignores embodiments involving
alternative control structures.
controlling the copies made of said digital file
The Microsoft definition improperly incorporates limitations from particular
embodiments, ignores embodiments describing alternative control structures and imposes
numerous limitations that are not supported by the specification or claim language.
determining whether said digital file may be copied and stored on a second device
based on at least said copy control
The Microsoft definition incorporates numerous unnecessary limitations not
required by the claim or the specification, improperly requires that "the" file, as opposed
to a copy, be stored on a second device, excludes described alternative embodiments and
requires an absolute degree of control that is inconsistent with the specification.
if said copy control allows at least a portion of said digital file to be copied and
stored on a second device
The Microsoft definition's "explanation" of the branches makes no sense and is
unsupported by the claim and , improperly requires that "the" file, as opposed to a copy,
be stored on a second device.
copying at least a portion of said digital file
# •
The Microsoft definition improperly distinguishes a "copy" and "the" file, and
improperly excludes embodiments described in the specification.
transferring at least a portion of said digital file to a second device
The Microsoft definition improperly distinguishes a "copy" and "the" file,
improperly requires that controls be executed and ignores alternative embodiments
described in the specification.
storing said digital file
The Microsoft definition improperly distinguishes a "copy" and "the" file, and
improperly requires storage of the entire file rather than a portion.
193.11
receiving a digital file
The Microsoft definition includes numerous unnecessary limitations, including
secure container, authentication a recipient and use of controls.
determining whether said digital file may be copied and stored on a second device
based on said first control
The Microsoft definition incorporates numerous unnecessary limitations not
required by the claim or the specification, improperly requires that "the" file, as opposed
to a copy, be stored on a second device, excludes described alternative embodiments and
requires an absolute degree of control that is inconsistent with the specification.
identifying said second device
The Microsoft definition improperly requires that the identification distinguish the
device from all other devices, that controls be used and that a VDE Secure Processing
Environment be used.
whether said first control allows transfer of said copied file to said second device
The Microsoft definition improperly distinguishes a "copy" from "the" file, and
ignores embodiments describing alternative control structures.
said determination based at least in part on the features present at the device
The Microsoft definition improperly requires that all features be used, that these
be "actual, current" features and improperly excludes device identifiers.
if said first control allows at least a portion of said digital file to be copied and
stored on a second device
The Microsoft definition's "explanation" of the branches makes no sense and is
unsupported by the claim and , improperly requires that "the" file, as opposed to a copy,
be stored on a second device.
copying at least a portion of said digital file
The Microsoft definition improperly distinguishes a "copy" and "the" file, and
improperly excludes embodiments described in the specification.
transferring at least a portion of said digital file to a second device
The Microsoft definition improperly distinguishes a "copy" and "the" file,
improperly requires that controls be executed and ignores alternative embodiments
described in the specification.
storing said digital file
The Microsoft definition improperly distinguishes a "copy" and 'the" file, and
improperly requires storage of the entire file rather than a portion.
193.15
receiving a digital file
The Microsoft definition includes numerous unnecessary limitations, including
secure container, authentication a recipient and use of controls, and the requirement that
the step must proceed in both authentication branches is not supported in the claim.
an authentication step comprising:
The Microsoft definition improperly includes a requirement of an absence of trust,
VDE controls and a VDE Secure Processing Environment.
accessing at least one identifier associated with a first device or with a user of said
first device
The Microsoft definition improperly requires "securely" accessing, that an
identifier identify a "single" user or device (but not "and"), VDE controls, and a VDE
Secure Processing Environment.
determining whether said identifier is associated with a device and/or user
authorized to store said digital file
t •
The Microsoft definition improperly requires VDE controls and a VDE Secure
Processing Environment.
storing said digital file in a first secure memory of said first device, but only if said
device and/or user is so authorized, but not proceeding with said storing if said
device and/or user is not authorized
The Microsoft definition ignores embodiments describing alternative control
structures, and improperly requires that "the" file be stored, as opposed to a copy, VDE
controls, and a VDE Secure Processing Environment.
storing information associated with said digital file in a secure database stored on
said first device, said information including at least one control
Microsoft's definition improperly requires that the stored information be
associated with the digital file but not the digital file's contents, VDE controls, a VDE
Secure Processing Environment and that the step proceed regardless of the outcome of
the authentication step.
determining whether said digital file may be copied and stored on a second device
based on said at least one control
The Microsoft definition incorporates numerous unnecessary limitations not
required by the claim or the specification, improperly requires that "the" file, as opposed
to a copy, be stored on a second device, excludes described alternative embodiments,
requires an absolute degree of control that is inconsistent with the specification, and
requires that the step proceed regardless of the outcome of the authentication step.
if said at least one control allows at least a portion of said digital file to be copied
and stored on a second device,
The Microsoft definition's "explanation" of the branches makes no sense and is
unsupported by the claim and , improperly requires that "the" file, as opposed to a copy,
be stored on a second device.
copying at least a portion of said digital file
The Microsoft definition improperly distinguishes a "copy" and "the" file, and
improperly excludes embodiments described in the specification and improperly requires
that the step proceed regardless of the outcome of the authentication step.
transferring at least a portion of said digital file to a second device
The Microsoft definition improperly distinguishes a "copy" and "the" file,
improperly requires that controls be executed and ignores alternative embodiments
described in the specification, and improperly requires that the step proceed regardless of
the outcome of the authentication step.
storing said digital file
The Microsoft definition improperly distinguishes a "copy" and "the" file, and
improperly requires storage of the entire file rather than a portion, and improperly
requires that the step proceed regardless of the outcome of the authentication step.
193.19
receiving a digital file at a first device
The Microsoft definition includes numerous unnecessary limitations, including
secure container, authentication a recipient and use of controls.
establishing communication between said first device and a clearinghouse located at
a location remote from said first device
The Microsoft definition improperly requires a communications channel and that
the communications channel was "previously non-existent."
using said authorization information to gain access to or make at least one use of
said first digital file
The Microsoft definition improperly requires that "all of the authorization
information be used, VDE controls, a VDE Secure Processing Environment, and ignores
embodiments describing alternative control structures.
receiving a first control from said clearinghouse at said first device
The Microsoft definition includes numerous unnecessary limitations, including
secure container, authentication a recipient and use of controls.
storing said first digital file in a memory of said first device
The Microsoft definition improperly requires VDE controls and a VDE Secure
Processing Environment.
using said first control to determine whether said first digital file may be copied and
stored on a second device
The Microsoft definition incorporates numerous unnecessary limitations not
required by the claim or the specification, improperly requires that "the" file, as opposed
to a copy, be stored on a second device, excludes described alternative embodiments and
requires an absolute degree of control that is inconsistent with the specification.
if said first control allows at least a portion of said first digital file to be copied and
stored on a second device
The Microsoft definition's "explanation" of the branches makes no sense and is
unsupported by the claim and , improperly requires that "the" file, as opposed to a copy,
be stored on a second device.
copying at least a portion of said first digital file
The Microsoft definition improperly distinguishes a "copy" and "the" file, and
improperly excludes embodiments described in the specification.
transferring at least a portion of said first digital file to a second device including a
memory and an audio and/or video output
The Microsoft definition improperly distinguishes a "copy" and "the" file,
improperly requires that controls be executed and ignores alternative embodiments
described in the specification.
storing said first digital file portion
Microsoft's definition improperly distinguishes a "copy" and "the" file.
683.2
the first secure container having been received from a second apparatus
Microsoft's definition improperly requires that the first secure container identify
the apparatus from which it was received, and improperly argues that, in the absence of
such identification, that container could not be distinguished from a container created at
the site. Microsoft's definition includes numerous improper limitations, including
authenticating a recipient and authentication occurring in accordance with VDE controls.
The examples cited by Microsoft are misleading, since these are specific embodiments
rather than general requirements.
an aspect of access to or use of
Microsoft's definition improperly excludes rules governing more than one aspect,
improperly excludes access and use and improperly requires that the aspect be governed
in relation to "any and all processes, users, and devices."
the first secure container rule having been received from a third apparatus different
from said second apparatus
Microsoft's definition improperly requires that the first secure container identify
the apparatus from which it was received, and improperly argues that, in the absence of
such identification, that container could not be distinguished from a container created at
the site. Microsoft's definition includes numerous improper limitations, including receipt
in a secure container, authenticating a recipient and authentication occurring in
accordance with VDE controls.
hardware or software used for receiving and opening secure containers
Microsoft's definition improperly requires a Secure Processing Environment and
SPU, improperly requires "the same single logical piece of either hardware or software
(as opposed to both), " and improperly requires authentication and VDE controls.
said secure containers each including the capacity to contain a governed item, a
secure container rule being associated with each of said secure containers
The Microsoft definition improperly requires that rules be associated with secure
containers, as opposed to governed items.
protected processing environment at least in part protecting information contained
in said protected processing environment from tampering by a user of said first
apparatus
The Microsoft definition is unsupported in the specification. It is contradicted by
the claim and improperly requires numerous elements not required by the specification,
including a Secure Processing Environment.
hardware or software used for applying said first secure container rule and a second
secure container rule in combination to at least in part govern at least one aspect of
access to or use of a governed item contained in a secure container
The Microsoft definition improperly requires a Secure Processing
Environment/SPU, a "single" piece of hardware or software, assembly of a control and
governance through VDE controls.
hardware or software used for transmission of secure containers to other
apparatuses or for the receipt of secure containers from other apparatuses.
The Microsoft definition improperly requires a Secure Processing
Environment/SPU, a "single" piece of hardware or software, assembly of a control and
governance through VDE controls. The examples cited by Microsoft are misleading,
since these are specific embodiments rather than general requirements.
721.1
# •
digitally signing a first load module with a first digital signature designating the first
load module for use by a first device class
The Microsoft definition improperly requires that the digital signature be used as
the signature key, that all load modules be signed and that certain devices not have keys.
digitally signing a second load module with a second digital signature different from
the first digital signature, the second digital signature designating the second load
module for use by a second device class having at least one of tamper resistance and
security level different from the at least one of tamper resistance and security level
of the first device class
The Microsoft definition improperly requires that the digital signature be used as
the signature key, that all load modules be signed, that certain devices not have keys, that
security levels be persistent and that security levels be greater or less than other security
levels.
distributing the first load module for use by at least one device in the first device
class
The Microsoft definition improperly requires transmission and that the digital
signature accompany the first load module as distributed.
distributing the second load module for use by at least one device in the second
device class
The Microsoft definition improperly requires transmission and that the digital
signature accompany the first load module as distributed.
721.34
arrangement within the first tamper resistant barrier
The Microsoft definition improperly requires that the arrangement be "executed
wholly within the first tamper resistant barrier."
prevents the first secure execution space from executing the same executable
accessed by a second secure execution space having a second tamper resistant
barrier with a second security level different from the first security level
The Microsoft definition improperly requires that the second secure execution
space be part of the protected processing environment, that security level differences be.
persistent and higher or lower than each other and that the "same" executable be
executed.
861.58
creating a first secure container
The Microsoft definition improperly requires a VDE Secure Processing
Environment.
including or addressing . . . organization information . . . desired organization of a
content section. . . and metadata information at least in part specifying at least one
step required or desired in creation of said first secure container
The second paragraph from Microsoft's definition is inconsistent with the claim.
The limitations imposed by the third paragraph are not required by the claim or
specification.
at least in part determine specific information required to be included in said first
secure container contents
The Microsoft definition improperly excludes other reasons for inclusion of the
information and improperly requires specific values.
rule designed to control at least one aspect of access to or use of at least a portion of
said first secure container contents
The Microsoft definition improperly requires that the rule be designed for
particular contents, that the rule be used by VDE controls, the presence of a VDE Secure
Processing Environment and that the rule is generated or identified based on the
descriptive data structure. Microsoft's definition also excludes embodiments describing
alternative control structures.
891.1
resource processed in a secure operating environment at a first appliance
The Microsoft definition improperly requires a shared facility and a Secure
Processing Unit with specific features.
securely receiving a first entity's control at said first appliance
The Microsoft definition includes numerous unnecessary limitations, including
secure container, authentication, use of controls and encryption on the communications
level.
securely receiving a second entity's control at said first appliance
t t
The Microsoft definition includes numerous unnecessary limitations, including
secure container, authentication, use of controls and encryption on the communications
level.
securely processing a data item at said first appliance, using at least one resource
The Microsoft definition improperly requires a Secure Processing Unit including
numerous limitations.
securely applying, at said first appliance through use of said at least one resource
said first entity's control and said second entity's control to govern use of said data
item
The Microsoft definition improperly requires a Secure Processing Environment
consisting of a Secure Processing Unit and that the resource be a component part of a
secure operating environment.
900,155
first host processing environment comprising
The Microsoft definition incorporates limitations not required by the claim or the
specifications, including limiting the host processing environment to only currently
executing software.
designed to be loaded into said main memory and executed by said central
processing unit
The Microsoft definition improperly requires that the software is capable of being
loaded "only" in the main memory and executed "only" by the CPU.
said tamper resistant software comprising: . . . one or more storage locations storing
said information
The Microsoft definition improperly requires that the storage locations be part of
the machine check programming and that the storage locations must not store other
information.
derives information from one or more aspects of said host processing environment,
The Microsoft definition improperly requires that information be derived from
"hardware," and that the information "uniquely and persistently" identify the host
processing environment.
one or more storage locations storing said information
The Microsoft definition improperly requires that the storage locations be part of
the tamper resistant software and that the storage locations must not store other
information.
information previously stored in said one or more storage locations
Microsoft's definition would render the claim nonsensical, since it would require
a comparison involving information that is no longer available for the comparison.
generates an indication based on the result of said comparison
Microsoft's definition improperly requires that only two results be possible and
that the indication is based solely on the result of the "compares" step.
programming which takes one or more actions based on the state of said indication
The Microsoft definition improperly requires executable programming, that the
programming not be part of the host processing environment, that the programming must
take an action regardless of the indicator state and that the action must be based solely on
the state of the indication.
at least temporarily halting further processing
Microsoft's definition improperly requires that the host processing environment
and all processes running in it be halted.
912.8
identifying at least one aspect of an execution space required for use and/or
execution of the load module
The Microsoft definition improperly requires that the identifier "define fully,
without reference to any other information."
said execution space identifier provides the capability for distinguishing between
execution spaces providing a higher level of security and execution spaces providing
a lower level of security
The Microsoft definition improperly requires that the execution space identifier
provides the load module with the ability to determine a level of security, and the
presence of two higher and two lower levels of security,
checking said record for validity prior to performing said executing step
The Microsoft definition improperly requires that the record be checked before
execution of any identified information, that evaluation occur within a VDE Secure
Processing Environment, and that specific types of information be checked.
912.35
received in a secure container
The Microsoft definition improperly requires "encapsulation" in a secure
container, authentication in accordance with VDE controls and acceptance of the secured
container.
said component assembly allowing access to or use of specified information
The Microsoft definition improperly requires that the component assembly
operate by itself, that it execute in a VDE Secure Processing Environment and that the :
component assembly be dedicated to specific information. The Microsoft definition
ignores embodiments describing alternative control structures and improperly
distinguishes access and use.
said first component assembly specified by said first record
The first paragraph of Microsoft's definition defines this term in a restrictive
manner with no support in the claim. Microsoft's second paragraph is devoted to a non-
existent inconsistency created by Microsoft's restrictive definition.
Claims as a Whole:
In every case, Microsoft requires the system be a VDE or the method be
performed in a VDE. This requirement is not supported by the language of any of the
claims.
Global Construction
The language of the individual claims contains nothing to support the large
number of restrictions imposed by Microsoft's "global construction." Those restrictions
are unsupported by and in many cases contradicted by the specification.
2. Digital Rights Management in general. Dr. Reiter will testify regarding Digital
Rights Management technology, including encryption and tamper-resistance techniques.
The nature and extent of such testimony will depend on the Court's decision as to the
scope and format of tutorial presentations.
3. InterTrust's patents and patent claims. Dr. Reiter will testify regarding the
general nature of the InterTrust patents, and will summarize the claims at issue in the
initial Joint Claim Construction hearing. The nature of that testimony will depend on the
# #
Court's decision as to ordering and format of testimony, but will be consistent with the
testimony outlined above regarding claim terms and phrases.